I love my weekly challenge of finding something related to sports, movies or other piece of pop culture and tying it back to network security. I often get asked where my “inspiration” comes from, to which I respond, “Only from my weird and twisted mind.” But in all seriousness, I find my inspiration in everything: something I see on television; someone I talk to; a song I hear; a movie I see; a sport I love. The tie-in to network security doesn’t hit me right away, but then it does…just at the right time.

Matt Hilgers, from our TippingPoint TAC team, challenged me to tie a certain children’s animated show to network security. The show is Daniel Tiger’s Neighborhood, which is an animated spinoff of the popular Mister Rogers’ Neighborhood children’s television series that ran on American public television from 1968 to 2001. I grew up watching Mister Rogers, who focused on a variety of topics, even some that other children’s shows didn’t dare touch, like death, divorce or even war. Although Daniel Tiger’s Neighborhood targets preschool children, it still focuses on mature themes like disappointment and appreciation, but uses “strategy songs” to reinforce the theme of the episode and to help children remember the life lessons.

As luck would have it, one of the strategy songs from the show is titled, “Stop and Listen to Stay Safe.” The song teaches children to be safe when it comes to crossing the street or running too far from the yard. If you keep track of security news, then you know that if you get an alert from the Department of Homeland Security to uninstall Apple’s QuickTime for Windows, you better “stop and listen to stay safe!” Last week, the Zero Day Initiative publicly disclosed two zero-day vulnerabilities in Apple QuickTime that can be exploited to achieve remote code execution on the Windows platform. The vulnerabilities had been reported to Apple previously; however, Apple decided to end support for QuickTime for Windows and not patch these vulnerabilities.

If you’re a TippingPoint customer, you have been protected from these vulnerabilities since December 1, 2015 with the following Digital Vaccine filters:

Customers who need a little more time to remove QuickTime from Windows machines can employ the following Digital Vaccine policy filter, that’s been available since September 14, 2009, to detect and/or block transferring of all QuickTime movie files over HTTP:

8444: HTTP: Apple QuickTime Transfer

There have been over 100 articles on the QuickTime for Windows alert and it was a trending topic on Twitter and Facebook. Here are a few useful links:

There are seven new zero-day filters covering seven vendors in this week’s Digital Vaccine (DV) package. A number of existing filters in this week’s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and/or optimize performance. You can browse the list of published advisories and upcoming advisories on the Zero Day Initiative web site.

This section highlights specific filter(s) of interest in this week’s Digital Vaccine package that have been updated as a result of a vendor issuing a patch for a vulnerability found via the Zero Day Initiative.

In 2015, the Zero Day Initiative saw over 200 vulnerabilities focused on SCADA and Industrial Control Systems (ICS). The following updated zero-day filters reflect patches for vulnerabilities in Advantech solutions. At one point in late 2015, we had 57 Advantech vulnerabilities submitted to the Zero Day Initiative in one week!